Nearly one million Android phones infected by hackers
O nce again, hackers are showing why you should never, ever download apps outside official app stores.
Hackers have gained access to more than 1.3 million Google accounts -emails, photos, documents and more -by infecting Android phones through illegitimate apps.
That discovery comes from computer researchers at Check Point, a cybersecurity firm. On Wednesday, Google confirmed to CNNMoney the nature and extent of the problem.
The hackers have managed to steal digital "tokens" that give them access to Google services, like a person's email and photo collection. But according to Google, hackers have not yet tapped that information and stolen it.
The massive hack appears to be a criminal enrichment scheme.
Infected Android smartphones begin to install other, legitimate Android apps -- then rate them highly. This fraudulently inflates their reputation, according to Check Point researchers.
Google has already removed the legitimate apps from its official store that have benefited from this ratings conspiracy, according to a blog post by Adrian Ludwig, the company's director of Android security.
The malware also installs malicious advertising software that tracks users, a potential boon for data-hungry marketer s.
Google says it has blocked 150,000 versions of this kind of nasty cyberattack.
But the problem persists. Another 13,000 devices are getting infected and breached daily, according to Check Point researchers who have been tracking this type of cyberattack since last year. They've nicknamed the hacking campaign "Gooligan."
Check Point has set up a website -Gooligan.CheckPoint.com -- for people to check if their devices have been hacked. (It requires you to enter your Google email address, gives you a response, and offers the company's "ZoneAlarm" product.)
Alternatively, Android users could check to see if they have downloaded illegitimate versions of any of the apps listed at the bottom of this article.
Smartphone owners are advised to only download certified computer programs from official repositories. Google has its Google Play store. Apple has its App Store.
But some people insist on visiting unofficial app stores -- typically on shady websites -- because they offer free, counterfeit versions of popular apps.
"Not surprisingly, a malware, spread in unofficial markets, can create real damage," said Zuk Avraham, the founder of another cybersecurity firm, Zimperium.
Google stressed that users should avoid downloading outside of Google Pl ay.
According to Check Point, here's the list of potentially infected apps: Perfect Cleaner Dem o WiFi Enhancer Snake gla.pev.zvh Html5 Games Dem m memory booster StopWatch Cl ear ballSmove_004 Flashlight Free memory booste Touch Beauty Demoad Small Blue Point Battery Monitor UC Mini Shadow Crush Sex Photo tub.ajy.ics Hip Good Memory Booster phone booster Set t i n gSer vi ce Wifi Master Fruit Slots System Booster Dircet Browser FUNNY DROPS Puzzle Bubble-Pet Paradise GPS Light Browser Clean Master YouTube Downloader KXSer vi ce Best Wallpapers Smart Touch Light Advanced SmartFolder youtubeplayer Beautiful Alarm PronClub Detecting instrument Calculator GPS Speed Fast Cleaner Blue Point CakeSw eet y Ped o m et er Compass Lite Fingerprint unlock PornClub com.br owser.pr ovider Assistive Touch Sex Cademy OneKeyLock Wifi Speed Pro Minibooster com.so.i t ouch com.fabullacop.loudcallernameringtone Kiss Browser Weat h er Chrono Marker Slots Mania Multifunction Flashlight So Hot Googl e HotH5Games Swamm Browser Billiards Tcash Dem o Sexy hot wallpaper Wifi Accelerate Simple Calculator Daily Racing Talking Tom 3 com.example.ddeo Test Hot Photo QPl ay Virtual Music Cloud